Sign In

Blog

Latest News

Cloud Security Manager (Permanent – Hybrid – Malvern, PA, Charlotte, NC, or Dallas, TX)
Hybrid, Permanent
Charlotte, NC, Dallas, TX, Malvern, PA
Posted 4 days ago

Cloud Security Manager (Permanent – Hybrid – Malvern, PA, Charlotte, NC, or Dallas, TX)

Glocomms has partnered with a leading financial services organization to find a seasoned Cloud Security Manager who will lead and evolve their enterprise cloud security program. This permanent position offers a hybrid work model, requiring onsite presence Tuesday through Thursday in one of the organization’s key locations: Malvern, PA, Charlotte, NC, or Dallas, TX, with remote flexibility on Mondays and Fridays.

This individual will oversee a dedicated team responsible for securing complex multi-cloud environments (AWS, Azure, GCP), driving advanced vulnerability management initiatives, and implementing innovative solutions to optimize team operations. The ideal candidate blends exceptional technical depth with strategic leadership, coupled with a profound passion for automation and continuous innovation in cloud security.

What You’ll Be Doing: Leading Strategic Cloud Security Initiatives

As a Cloud Security Manager, you’ll be at the forefront of protecting sensitive financial data and critical infrastructure across diverse cloud platforms. Your role is highly strategic, combining hands-on technical oversight with team leadership and a relentless focus on compliance and automation.

  • Lead and Mentor a Team of Cloud Security Engineers and Analysts: You will be responsible for leading and mentoring a high-performing team of cloud security engineers and analysts. This crucial leadership role involves setting clear objectives, providing technical guidance, fostering skill development, and conducting regular team assessments and performance reviews. You’ll also make vital recommendations related to hiring and compensation, ensuring your team remains at the cutting edge of cloud security expertise.
  • Oversee CNAPP/CSPM Platform Implementation and Optimization: You will provide expert oversight for the implementation and continuous optimization of CNAPP (Cloud Native Application Protection Platform) and CSPM (Cloud Security Posture Management) platforms. This includes leveraging industry-leading solutions such as Prisma Cloud, Wiz, and Aqua Security. Your leadership will ensure these platforms are fully utilized to provide comprehensive visibility, detect misconfigurations, and enforce security policies across multi-cloud environments.
  • Manage Vulnerability Detection and Remediation Workflows: You will strategically manage vulnerability detection and remediation workflows across the cloud infrastructure. This involves overseeing the use of powerful tools like CrowdStrike (endpoint security), Nessus (vulnerability scanning), Qualys (cloud security and compliance), Brinqa (risk analytics), Kenna Security (vulnerability management), Vulcan Cyber (cyber risk management), and Dazz (risk-based prioritization). Your goal is to streamline the identification, prioritization, and resolution of security vulnerabilities, significantly reducing the organization’s risk exposure.
  • Develop and Enforce Custom Security Controls and Policies: You will be instrumental in developing and enforcing custom security controls and policies designed to specifically address unique challenges such as misconfigurations, false positives from security tools, and limitations of out-of-box (OOB) cloud security features. Your ability to create tailored solutions will enhance the security posture beyond standard cloud offerings.
  • Collaborate on Integrating Security into CI/CD Pipelines and Kubernetes: You will foster deep collaboration with DevOps and infrastructure teams to seamlessly integrate security into CI/CD (Continuous Integration/Continuous Delivery) pipelines and Kubernetes environments. This includes implementing security gates, automated vulnerability scanning, secure configuration checks, and policy enforcement directly within the development and deployment workflows, ensuring security is baked in from the start (“shift left”).
  • Identify and Implement Automation Opportunities: You will actively identify and implement automation opportunities to significantly streamline security operations and reduce manual effort. This involves leveraging scripting, cloud-native automation services, and orchestration tools to automate repetitive tasks, response actions, and reporting, thereby increasing efficiency, accuracy, and scalability of the security team.
  • Ensure Compliance with Internal SLAs and Regulatory Requirements: You will meticulously ensure compliance with internal Service Level Agreements (SLAs) for cloud security posture and incident response. Furthermore, you will guarantee adherence to stringent regulatory requirements pertinent to financial services, such as data privacy laws, industry standards (e.g., PCI DSS), and internal audit mandates. Your vigilance will maintain the organization’s robust compliance standing.
  • Partner with Enterprise Risk and Compliance Teams: You will proactively partner with enterprise risk and compliance teams to align cloud security initiatives with broader business objectives. This involves translating technical security concepts into risk language, contributing to risk assessments, and ensuring that cloud security strategies effectively mitigate business risks and support the organization’s overall risk appetite and regulatory obligations.
  • Leverage Platforms for Risk-Based Prioritization and Reporting: You will expertly leverage platforms like Avalor and Brinqa for advanced risk-based prioritization and comprehensive reporting. These tools will enable you to analyze vast amounts of security data, identify the most critical risks based on business impact, and generate actionable reports that inform strategic decision-making by senior leadership.

What You Bring: Essential Qualifications for a Cloud Security Leader

To excel as a Cloud Security Manager, you’ll need extensive experience in cybersecurity and cloud security leadership, coupled with deep technical expertise across multi-cloud environments and security tools.

Required Qualifications:

  • Extensive Cybersecurity and Cloud Security Leadership Experience: You must possess 7+ years of verifiable experience in cybersecurity, with at least 3 years specifically in a cloud security leadership role. This extensive background demonstrates a proven track record of managing security programs, leading teams, and driving security initiatives within complex technical environments.
  • Proven Experience Managing Security in Multi-Cloud Environments: You must have proven experience managing security in multi-cloud environments, including hands-on expertise with AWS (Amazon Web Services), Azure (Microsoft Azure), and GCP (Google Cloud Platform). This indicates your ability to navigate the unique security features, challenges, and best practices of each major cloud provider.
  • Hands-on CNAPP/CSPM Tools and Vulnerability Management Platforms Expertise: You possess hands-on expertise with CNAPP/CSPM tools such as Prisma Cloud, Wiz, and Aqua Security, demonstrating your ability to implement, configure, and optimize these platforms for cloud security posture management and native application protection. Additionally, strong experience with vulnerability management platforms like CrowdStrike, Nessus, and Qualys is essential for vulnerability detection and remediation workflows.
  • Strong Understanding of Kubernetes Security and Cloud-Native Architectures: You are required to have a strong understanding of Kubernetes security, including securing clusters, containers, and microservices. This is coupled with a deep knowledge of cloud-native architectures and infrastructure-as-code (IaC) principles, ensuring you can integrate security into automated cloud deployments.
  • Familiarity with Security Data Platforms: You have familiarity with specialized security data platforms such as Brinqa, Kenna Security, Vulcan Cyber, Dazz, and Avalor. This indicates your understanding of how these tools aggregate, analyze, and prioritize security findings for effective risk management.
  • Demonstrated Success in People Management and Collaboration: You have demonstrated success in people management, including team development, mentoring, and performance leadership. This is combined with a proven ability to drive cross-functional collaboration, effectively working with diverse teams across an organization.
  • Excellent Communication and Business Impact Translation: You possess excellent communication skills, both verbal and written, with the critical ability to translate complex technical risks into clear business impact for non-technical stakeholders and executive leadership.

Preferred Qualifications:

While the above are essential, the following qualifications would further strengthen your application:

  • Industry Certifications: Possession of valuable industry certifications such as CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), or AWS/Azure/GCP Security Specialty certifications. These demonstrate validated expertise in information security and specific cloud security domains.
  • Experience in Financial Services or Regulated Industries: Direct experience in financial services or other highly regulated industries is a significant plus. This background provides valuable context on compliance requirements, risk appetite, and the unique security challenges of these sectors.
  • Knowledge of Compliance Frameworks: Familiarity with major compliance frameworks like NIST (National Institute of Standards and Technology), ISO 27001 (Information Security Management), SOC 2 (Service Organization Control 2), and PCI-DSS (Payment Card Industry Data Security Standard). This knowledge ensures solutions meet stringent regulatory and audit demands.

Work Environment:

This is a hybrid role requiring on-site presence Tuesday through Thursday at one of the organization’s key locations: Malvern, PA, Charlotte, NC, or Dallas, TX, with remote flexibility on Mondays and Fridays. Unfortunately, visa sponsorship is not available at this time.

If this Cloud Security Manager role, based in Malvern, Charlotte, or Dallas, aligns with your leadership experience in multi-cloud security, your expertise with CNAPP/CSPM platforms, and your passion for driving strategic security initiatives within financial services, we encourage you to learn more about this exceptional permanent, hybrid opportunity. This is a chance to lead a vital team and significantly impact the security posture of a leading financial institution.

Are you ready to shape the future of cloud security in a high-stakes environment?

Job Features

Job CategoryEngineering, Security

Apply For This Job

A valid phone number is required.
Copyright @ 2024 eStreet Security. All Rights Reserved by eStreet!